CSRF token

A CSRF token is a secure random token (e.g., synchronizer token or challenge token) that is used to prevent CSRF attacks. This API retrieves the token for the current user session.

Download specification

Get CSRF token

Returns CSRF token via the qlik-csrf-token header.

Facts

Rate limit Tier 1 (1000 requests per minute)
Categories embed

Responses

204

Successfully returned token in qlik-csrf-token header

400

application/json

Token is not supported for the auth mechanism being used.

  • application/jsonany
    Show application/json properties
    • errorsarray of objects

      An error object.

      Show errors properties
      • codestring
        Required

        The error code.

      • metaobject

        Non-standard information about the error

      • titlestring
        Required

        The error title.

      • detailstring

        The detailed error message

      • statusstring

        The http status code.

404

application/json

Token not found

  • application/jsonany
    Show application/json properties
    • errorsarray of objects

      An error object.

      Show errors properties
      • codestring
        Required

        The error code.

      • metaobject

        Non-standard information about the error

      • titlestring
        Required

        The error title.

      • detailstring

        The detailed error message

      • statusstring

        The http status code.
GET /v1/csrf-token 
curl "https://your-tenant.us.qlikcloud.com/api/v1/csrf-token" \
-H "Authorization: Bearer <access_token>"

const https = require('https')
  const data = JSON.stringify("")
  const options =   {
    'hostname': 'https://your-tenant.us.qlikcloud.com',
    'port': 443,
    'path': '/api/v1/csrf-token',
    'method': 'GET',
    'headers': {
      'Authorization': 'Bearer <access_token>'
    }
  }
  const req = https.request(options)
  

This API is not included yet in qlik-cli